From: Eric Dumazet <edumazet@google.com>
Date: Mon, 29 Jan 2018 01:48:59 +0000 (+0100)
Subject: bpf: fix divides by zero
X-Git-Tag: v4.9.79~4
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=4606077802f2c6ef7aff5185d9f7d99a50784ffd;p=platform%2Fkernel%2Flinux-amlogic.git

bpf: fix divides by zero

[ upstream commit c366287ebd698ef5e3de300d90cd62ee9ee7373e ]

Divides by zero are not nice, lets avoid them if possible.

Also do_div() seems not needed when dealing with 32bit operands,
but this seems a minor detail.

Fixes: bd4cf0ed331a ("net: filter: rework/optimize internal BPF interpreter's instruction set")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 64c4b13952f0..879ca844ba1d 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -642,7 +642,7 @@ select_insn:
 		DST = tmp;
 		CONT;
 	ALU_MOD_X:
-		if (unlikely(SRC == 0))
+		if (unlikely((u32)SRC == 0))
 			return 0;
 		tmp = (u32) DST;
 		DST = do_div(tmp, (u32) SRC);
@@ -661,7 +661,7 @@ select_insn:
 		DST = div64_u64(DST, SRC);
 		CONT;
 	ALU_DIV_X:
-		if (unlikely(SRC == 0))
+		if (unlikely((u32)SRC == 0))
 			return 0;
 		tmp = (u32) DST;
 		do_div(tmp, (u32) SRC);